CVE-2023-46694

Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality...

CVE-2023-46694

Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

Important: Red Hat Security Advisory: pcp security update

An update for pcp is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Vtenext 安全漏洞

Vtenext is a Customer Relationship Management system from the Italian company Vtenext that helps users manage the CRM process in their business activities. A security vulnerability exists in Vtenext version 21.02, which arises from the application's failure to implement proper authentication...

PT-2024-13371 · Vtenext +1 · Vtenext +1

Name of the Vulnerable Software and Affected Versions: Vtenext version 21.02 Description: The issue allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication...

RHEL 8 : pcp (RHSA-2024:3392)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3392 advisory. Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

CVE-2024-5403

CVE-2024-5403 affects ASKEY 5G NR Small Cell. The issue is an OS/command-injection vulnerability caused by improper filtering of user input for certain functionalities, enabling remote attackers with administrator privileges to execute arbitrary system commands on the remote server. CVSSv3.1 metr...

CVE-2024-5400

Openfind Mail2000 does not properly filter parameters of specific CGI. Remote attackers with regular privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

CVE-2024-5399

Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server...

Openfind Mail2000 操作系统命令注入漏洞

Openfind Mail2000 is a Web-based e-mail system. An operating system command injection vulnerability exists in versions prior to Openfind Mail2000 V8.0 Patch 34, which stems from the inability to properly filter the parameters of a specific CGI, allowing an attacker to execute arbitrary system...

PT-2024-36006

Name of the Vulnerable Software and Affected Versions: Openfind Mail2000 affected versions not specified Description: The issue is related to improper filtering of parameters in specific CGI, allowing remote attackers with regular privileges to execute arbitrary system commands on the remote...

CVE-2024-34933

A SQL injection vulnerability in /model/updategrade.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the admissionfee parameter...

Important: Red Hat Security Advisory: pcp security, bug fix, and enhancement update

An update for pcp is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

Important: Red Hat Security Advisory: pcp security update

An update for pcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as havin...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...

Important: Red Hat Security Advisory: pcp security update

An update for pcp is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

Important: Red Hat Security Advisory: pcp security update

An update for pcp is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

pcp: exposure of the redis server backend allows remote command execution via pmproxy

A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be...